[bitnami/harbor] Enable zero-secret output #25453
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Thanks for your contribution, could you please rebase from |
meln5674
force-pushed
the
feature/harbor-existing-secrets
branch
from
ab44139
to
9faec85
Compare
|
Let me know if there's anything needed on my end besides the rebase to get the check to pass. |
|
It seems that your branch is 31 commits behind main, could you sync your fork? The issue with the action should be fixed by then |
* Added value trivy.existingEnvVarsSecret * Added value jobservice.existingEnvVarsSecret * Moved redis URL from jobservice config secret to env vars secret * Switched jobservice config from Secret to ConfigMap now that no sensitive values are present * Don't create core service if it would be empty Signed-off-by: Andrew Melnick <meln5674@kettering.edu>
meln5674
force-pushed
the
feature/harbor-existing-secrets
branch
from
9faec85
to
4562ed3
Compare
|
This Pull Request has been automatically marked as "stale" because it has not had recent activity (for 15 days). It will be closed if no further activity occurs. Thank you for your contribution. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description of the change
This patch makes the following changes:
Benefits
It is now possible to deploy the chart while creating all secrets out-of-band (i.e. kubectl). This means that no sensitive values are required to be in the
values.yaml. This is more secure when running via GitOps.Because the jobservice configuration no longer contains the (potentially) sensitive redis URL, it can be stored as a ConfigMap, which makes it easier to view.
All changes should be backwards compatible.
Possible drawbacks
None known.
Applicable issues
Additional information
Checklist
Chart.yamlaccording to semver. This is not necessary when the changes only affect README.md files.README.mdusing readme-generator-for-helm